Share via


Microsoft.Network vpnServerConfigurations/configurationPolicyGroups 2025-01-01

Bicep resource definition

The vpnServerConfigurations/configurationPolicyGroups resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups@2025-01-01' = {
  parent: resourceSymbolicName
  name: 'string'
  properties: {
    isDefault: bool
    policyMembers: [
      {
        attributeType: 'string'
        attributeValue: 'string'
        name: 'string'
      }
    ]
    priority: int
  }
}

Property Values

Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups

Name Description Value
name The resource name string (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.
Symbolic name for resource of type: vpnServerConfigurations
properties Properties of the VpnServerConfigurationPolicyGroup. VpnServerConfigurationPolicyGroupProperties

VpnServerConfigurationPolicyGroupMember

Name Description Value
attributeType The Vpn Policy member attribute type. 'AADGroupId'
'CertificateGroupId'
'RadiusAzureGroupId'
attributeValue The value of Attribute used for this VpnServerConfigurationPolicyGroupMember. string
name Name of the VpnServerConfigurationPolicyGroupMember. string

VpnServerConfigurationPolicyGroupProperties

Name Description Value
isDefault Shows if this is a Default VpnServerConfigurationPolicyGroup or not. bool
policyMembers Multiple PolicyMembers for VpnServerConfigurationPolicyGroup. VpnServerConfigurationPolicyGroupMember[]
priority Priority for VpnServerConfigurationPolicyGroup. int

ARM template resource definition

The vpnServerConfigurations/configurationPolicyGroups resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups resource, add the following JSON to your template.

{
  "type": "Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups",
  "apiVersion": "2025-01-01",
  "name": "string",
  "properties": {
    "isDefault": "bool",
    "policyMembers": [
      {
        "attributeType": "string",
        "attributeValue": "string",
        "name": "string"
      }
    ],
    "priority": "int"
  }
}

Property Values

Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups

Name Description Value
apiVersion The api version '2025-01-01'
name The resource name string (required)
properties Properties of the VpnServerConfigurationPolicyGroup. VpnServerConfigurationPolicyGroupProperties
type The resource type 'Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups'

VpnServerConfigurationPolicyGroupMember

Name Description Value
attributeType The Vpn Policy member attribute type. 'AADGroupId'
'CertificateGroupId'
'RadiusAzureGroupId'
attributeValue The value of Attribute used for this VpnServerConfigurationPolicyGroupMember. string
name Name of the VpnServerConfigurationPolicyGroupMember. string

VpnServerConfigurationPolicyGroupProperties

Name Description Value
isDefault Shows if this is a Default VpnServerConfigurationPolicyGroup or not. bool
policyMembers Multiple PolicyMembers for VpnServerConfigurationPolicyGroup. VpnServerConfigurationPolicyGroupMember[]
priority Priority for VpnServerConfigurationPolicyGroup. int

Usage Examples

Azure Quickstart Templates

The following Azure Quickstart templates deploy this resource type.

Template Description
vWAN P2S deployment with multi address pool and user groups

Deploy to Azure
This template deploys Azure Virtual WAN (vWAN) with a P2S configured with multiple address pool and user groups

Terraform (AzAPI provider) resource definition

The vpnServerConfigurations/configurationPolicyGroups resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups@2025-01-01"
  name = "string"
  parent_id = "string"
  body = {
    properties = {
      isDefault = bool
      policyMembers = [
        {
          attributeType = "string"
          attributeValue = "string"
          name = "string"
        }
      ]
      priority = int
    }
  }
}

Property Values

Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups

Name Description Value
name The resource name string (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: vpnServerConfigurations
properties Properties of the VpnServerConfigurationPolicyGroup. VpnServerConfigurationPolicyGroupProperties
type The resource type "Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups@2025-01-01"

VpnServerConfigurationPolicyGroupMember

Name Description Value
attributeType The Vpn Policy member attribute type. 'AADGroupId'
'CertificateGroupId'
'RadiusAzureGroupId'
attributeValue The value of Attribute used for this VpnServerConfigurationPolicyGroupMember. string
name Name of the VpnServerConfigurationPolicyGroupMember. string

VpnServerConfigurationPolicyGroupProperties

Name Description Value
isDefault Shows if this is a Default VpnServerConfigurationPolicyGroup or not. bool
policyMembers Multiple PolicyMembers for VpnServerConfigurationPolicyGroup. VpnServerConfigurationPolicyGroupMember[]
priority Priority for VpnServerConfigurationPolicyGroup. int

Usage Examples

Terraform Samples

A basic example of deploying VPN Server Configuration Policy Group.

terraform {
  required_providers {
    azapi = {
      source = "Azure/azapi"
    }
  }
}

provider "azapi" {
  skip_provider_registration = false
}

variable "resource_name" {
  type    = string
  default = "acctest0001"
}

variable "___location" {
  type    = string
  default = "westeurope"
}

variable "radius_server_secret" {
  type        = string
  description = "The RADIUS server secret for VPN authentication"
  sensitive   = true
}

resource "azapi_resource" "resourceGroup" {
  type     = "Microsoft.Resources/resourceGroups@2020-06-01"
  name     = var.resource_name
  ___location = var.___location
}

resource "azapi_resource" "vpnServerConfiguration" {
  type      = "Microsoft.Network/vpnServerConfigurations@2022-07-01"
  parent_id = azapi_resource.resourceGroup.id
  name      = var.resource_name
  ___location  = var.___location
  body = {
    properties = {
      radiusClientRootCertificates = [
      ]
      radiusServerAddress = ""
      radiusServerRootCertificates = [
      ]
      radiusServerSecret = ""
      radiusServers = [
        {
          radiusServerAddress = "10.105.1.1"
          radiusServerScore   = 15
          radiusServerSecret  = var.radius_server_secret
        },
      ]
      vpnAuthenticationTypes = [
        "Radius",
      ]
      vpnClientIpsecPolicies = [
      ]
      vpnClientRevokedCertificates = [
      ]
      vpnClientRootCertificates = [
      ]
      vpnProtocols = [
        "OpenVPN",
        "IkeV2",
      ]
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}

resource "azapi_resource" "configurationPolicyGroup" {
  type      = "Microsoft.Network/vpnServerConfigurations/configurationPolicyGroups@2022-07-01"
  parent_id = azapi_resource.vpnServerConfiguration.id
  name      = var.resource_name
  body = {
    properties = {
      isDefault = false
      policyMembers = [
        {
          attributeType  = "RadiusAzureGroupId"
          attributeValue = "6ad1bd08"
          name           = "policy1"
        },
      ]
      priority = 0
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}